status

We'll know exactly how decentralized Cardano is

Published 19.4.2023

The University of Edinburgh is going to measure the decentralization of blockchain projects and provide this information through an index (EDI). It will start with Bitcoin and continue with other relevant projects, i.e. Ethereum, Cardano, etc. The Edinburgh Decentralization Index (EDI) may thus become the first relevant source of truth when it comes to the degree of decentralization of individual blockchain projects. This is very important, as ordinary people may have no idea how difficult it can be to compare the quality of decentralization between projects. Blockchain communities have endless arguments about which project is the most decentralized. This information is also useful for regulators who can make evidence-based decisions based on the index. EDI can give us a very precise answer to the question of how well Cardano is decentralized compared to other projects. How can it turn out?

TLDR

Cardano is the most decentralized network in the top 10 when it comes to the number of significant nodes in the network (block producers) and the holders of the expensive resource. Decentralization of PoS networks has improved slightly over the last six months while Bitcoin decentralization has been steadily declining for roughly 10 years.

Myths and Reality

One of the most widespread misconceptions in the blockchain industry is the assumption that the quality of decentralization depends on the number of nodes in the network. The blockchain network consists of distributed nodes that can be operated by anyone without the permission of a third party. However, the number of nodes in the network has only a marginal effect on the quality of decentralization.

The main task of a distributed network is to distribute data (transactions and blocks) between nodes and share resources. The number of nodes in the network affects the efficiency of data distribution and availability. It also affects the reliability and availability of the network. It is almost impossible for data to be lost from the world if it exists on thousands of nodes and is constantly available. Each newly connected node is able to find peers and start communication at any time. The network cannot simply be shut down because there is no center (server).

It may surprise you to learn that all these distributed network properties do not have a major impact on network decentralization. A distributed network protects data (ledger), can validate data (blocks and transactions), and protects the network from the shutdown. The problem is that nodes cannot directly participate in network consensus (creation of new blocks) and any decision-making process (governance).

The node operator is in the position of a consumer of data (which it can validate), but it has no chance to intervene in the creation of new data or react to possible errors in the network consensus. If a node receives a non-valid transaction or block, all it can do is ignore it and wait for new data. Why is it designed that way? Because a decentralized network requires protection against Sybil attacks.

A Sybil attack is a type of online security attack where a single entity creates multiple fake identities or accounts on a network or system to gain an unfair advantage or control over it. The goal of a Sybil attacker is to control a significant portion of the network, allowing them to influence decisions, manipulate data, or disrupt the network's functioning.

Blockchain networks are open and anyone can run (anonymously) as many nodes as they want without permission from a third party. Open-distributed networks are not inherently immune to Sybil attacks. To make them resistant to Sybil attacks, decentralization must be based on the ownership of a scarce and/or expensive resource. The ownership of an expensive resource represents the risk associated with the loss of wealth. This ensures that the resource owners have their skin in the game and allows us to assume that they will behave honestly.

Conversely, decentralization must not be based solely on the ability to run a node, since a single entity can run a large number of nodes relatively cheaply (just allocate IP addresses and run multiple clients on a single server).

The expensive resource in PoW networks is ASIC miners and power whereas in PoS networks it is coins. Cardano's decentralization is based on ownership of ADA coins. For Bitcoin, it is necessary to provide a hash rate to the network.

It may come as a surprise to many that the owners of an expensive resource can participate in the decentralization of the blockchain without having to operate a node.

The owner of the ADA coins is directly involved in the decentralization of Cardano and only needs a lightweight wallet to do so. If the ADA holder delegates coins to the chosen pool, she is an active participant in the decentralization with the right to receive a reward. The ADA holder is directly involved in deciding who (what pool) will produce the blocks.

This is exactly the same principle as you can observe in the case of Bitcoin. Miners don't need to run their own node. What they need is ASIC hardware. Miners only delegate the hashing rate to the selected pool. A single miner can have thousands of pieces of ASIC hardware. One big miner can have 1000x more decision-making power than a hobby miner with one piece of ASIC hardware. Similarly, there may be small and large ADA holders.

The features that determine the degree of decentralization of blockchain networks are mainly economic incentives and the cost of engaging in mining or staking. In principle, everybody wants to be rewarded for contributing to decentralization. In the case of both PoS and PoW blockchains, the following statement applies. The higher amount of expensive resources you own, the more skin in the game you have, and the more reward you can get for honest behavior.

Note that in the context of decentralization, it is completely irrelevant that the owners of ADA coins hold their stake (share of decision-making power) in the Cardano network forever whereas in the case of Bitcoin, an expensive resource (ASIC hardware and electricity) must be consumed and purchased again over and over for the reward earned. This aspect affects some attack vectors, but not decentralization.

Also note that in the extreme case, there may be a huge distributed network with tens of thousands of nodes, but only a few entities (even a single entity) may own the expensive resource. If more than 50% of the resource (coins or hash rate) were owned by a single entity, the blockchain would be centralized regardless of the number of nodes. A single entity could decide whether to censor transactions, produce new blocks, or attempt to commit fraud. Node operators who do not own an expensive resource have little chance to change this situation.

It is important to note that the network is secured by an expensive resource, not the common nodes. The user is forced to join a version of the network that is sufficiently secure. If the majority of miners support a particular chain (after the fork), users will be forced to join or stay on a less secure version of the chain (shorter chain) with the risk that miners may attack a competing chain. Fork is not an ideal solution in the case of governance disputes.

Let's do a summary of this section. Decentralization does not depend on the number of nodes in a distributed network but on the number of entities holding the expensive resource. The resource holders do not need to run their own nodes. There will always be large resource holders that have more power than smaller holders. In other words, the individual holders of an expensive resource are not equal. Those with money can buy a greater share of power. Decentralization must be based on an expensive resource as it serves as protection against Sybil attacks.

Block producers vs. ordinary nodes

We explained that the owners of an expensive resource don't need to run their own node. This is true if they delegate the resource to the operator that runs the node. Of course, the owner of an expensive resource can run its own node. Nodes in a distributed network are involved in producing new blocks and extending the ledger. Obviously, nodes are not equal and some are more important than others.

Nodes that directly participate in network consensus in the sense of producing new blocks are so-called block producers (pools or validators). These nodes are more important than the nodes of ordinary users who are in the role of data consumers.

If there are nodes in a distributed network that are more important than others, we can talk about a form of centralization. If an attacker succeeds in removing a common node (or a larger number) from the network, the network will easily cope and will not be compromised (it will be temporarily less distributed). If an attacker manages to remove nodes that are run by block producers (pools, validators), this will compromise the block production and the attack can be considered successful. If an attacker were to remove all block producer nodes from the network, the network would come to a complete halt.

What kind of attack is most effective? It is possible to attack large holders of an expensive resource or important nodes in the network. If an attacker manages to steal a significant amount of coins, or physically destroy several large mining farms, this will have a negative impact on the functioning of the network. ASIC hardware can be seized by the government and misused for an attack similar to the attack via seized coin. Note that attacking the resource holder does not require a direct attack on the nodes at all. It is enough to seize the resource and then exploit it to attack significant nodes.

When attacking nodes, it is most effective to target block producers. A successful attack on a small number of block producers has an immediate impact on the operation of the network. The total number of nodes in a distributed network may be irrelevant if the network can be damaged by attacking a smaller number of significant nodes. Many people do not perceive this fundamental insight.

Note how expensive resource and block producer nodes are related. Thousands of people can own an expensive resource and delegate it to a single node. If that node can be taken out of the network, the network will be weakened. The block producer may try to abuse the delegated power, or he may be attacked physically (by a regulator, the state, a criminal, or another block producer).

The quality of decentralization must therefore be judged primarily by the number of block producers in the network. Secondarily, we have to look at the number and size of the holders of the expensive resource.

If the block producer fails in any way (attempted fraud, external attack, internal cooperation, transaction censorship), the owners of the expensive resource can react and choose another block producer. However, it is always in response to an attack that has already been carried out or is underway. This response may not be timely. There are attacks that can take place relatively quickly (double-spend attack) or take place continuously (transaction censorship). Therefore, from our point of view, the number of block producers is the most important in the context of decentralization.

It is important to note that an attack on decentralization can be attempted without holding an expensive resource (network attack on block producers) or through its ownership. For example, a resource owner may agree to censor transactions and delegate the resource to a pool that does so.

That is why it is very important that an expensive resource is owned by as many entities as possible. It can be assumed that the higher the number of owners, the more autonomous entities will make decisions. The overall characteristics of the network will be as desired by the majority.

The geographical distribution of owners also matters. If the majority of them are from one country where regulators decide to crack down on blockchain networks, this will be a bigger threat than if the holders are evenly distributed around the world. Ideally, block producers and resource owners are evenly distributed around the world.

Let's do a summary of this section. The most important nodes in the network are those that produce blocks. In order to produce blocks, a node needs an expensive resource. The resource can be owned by the block producer, or it can be delegated. Block producers are points of centralization because if an attacker manages to remove several dominant producers, it will compromise the functionality of the network. The resource owners can respond to the attack and delegate the resource to another producer. However, the resource owners may be the attackers. The more block producers and resource owners there are, the more decentralized the network can potentially be. It depends on the share of the resource held by independent individuals. Further, it depends on how many entities hold a crucial amount of resources for the attack. There may well be a million holders of a resource in the network, but a substantial amount may be in the hands of a few.

Decentralization from the Perspective of ordinary users

Most users do not run their own nodes. Although cryptocurrency holders are in the order of hundreds of millions, full nodes are operated by thousands to tens of thousands of users within each major blockchain. Roughly only 0.0001% of BTC owners run their own full node (there are approximately less than 20,000 Bitcoin full nodes while there are hundreds of millions of BTC holders). Besides Sybil's attacks, this is another reason why it's not a good idea to build on-chain governance based on nodes.

If decentralization were to be judged by how users access the blockchain, we would find that most people use third-party custodial wallets or connect to nodes operated by third parties via non-custodial wallets. All users who do not run their own node must rely on a node that is operated by a third party. These nodes represent a single point of failure and might become a target of attackers.

Full nodes that are operated by exchanges and HW wallet vendors are more important than the node of ordinary users. Millions of users connect to these nodes via client-server protocols in order to access their assets and the connection can be (temporarily) cut by attackers.

In the context of the production of blocks, this is not necessarily such an important topic, but to add context, it is good to know about the weaknesses of blockchains. However, if coins are to be used for on-chain governance, it is important that they are owned (held) by users and not by third parties (exchanges).

When people talk about decentralization, many people only look at block production. They often forget governance. That is the way in which major protocol changes are decided and voted on. For most projects, teams have unlimited control over the source code. Some projects have some form of governance in place, but most attempts have not yet stood the test of time.

Who should decide on changes to the protocol? Also in the case of governance, there must be a defense against Sybil attacks, so even in this case, the only reliable voting method is one that is based on an expensive resource. It is necessary to use coins or hash rate.

In the case of Cardano, voting may be compromised if exchanges vote with coins belonging to users. In the case of PoW, cloud mining services present a similar problem. That's an interesting finding. People can have skin in the game and pay for the resource, but they may not directly own (hold) the resource, and a third party can misuse it. Staking in exchanges and cloud mining is a way for many people to receive rewards for participating in the decentralization of networks while avoiding complex technicalities.

In the case of PoW, the reason for using cloud mining can be expensive local electricity or the need to have a dedicated room for ASIC hardware (ASIC hardware produces unpleasant noise). In Cardano's case, there is no objective reason for staking on exchanges. For some PoS networks (those that don't use the concept of pools and delegation), staking through exchanges is the only way to avoid complex technicalities.

Let's do a summary of this section. Most cryptocurrency users do not run their own nodes and rely on third-party nodes that they connect to via client-server protocols. In the case of governance, the threat of Sybil's attack makes it impossible to rely on nodes and it is necessary to base voting on the ownership of an expensive resource. Unfortunately, the person who pays for the resource and has skin in the game doesn't necessarily have full control of it.

Other factors influencing the quality of decentralization

Many sub-details affect the quality of decentralization. We do not know what the University of Edinburgh experts will focus on in particular. Let's look at a few things to consider.

The opportunity to participate in decentralization should be as inclusive as possible, as this is the only way it can be expected to grow over time. The financial cost of entry and technological skills requirements should be minimal. In practice, this can be difficult to achieve and several tiers for different actors need to be considered. There will always be important (more centralized) actors in the network who have more of their skin in the game (higher economic exposure). This is the group of block producers. Furthermore, it should be possible to allow anyone who is interested but lacks the necessary expertise and has only low capital to participate in decentralization.

In Cardano, but also in the Bitcoin network, this is achieved through the ability to delegate an expensive resource to a pool operator (block producer node). In the Ethereum network, this option is not supported at the protocol level, but the concept of pooling ETH in one place also exists.

The opportunity to participate in decentralization is very low in PoS networks and it is enough to own a few ADA coins or part of ETH. For PoW networks, the entry costs are significantly higher. ASIC hardware can be worth thousands to tens of thousands of USD. In addition, cooling and space must be available.

In addition, the miner is not guaranteed to be profitable as it competes with other miners. The competitive struggle is strongly influenced by energy costs. Entrepreneurs have a distinct advantage over hobby miners as they can negotiate discounts from energy suppliers and ASIC hardware. They can expand their business more quickly. Large miners get richer faster than small miners because they have an economy of scale advantage. If it is possible to squeeze out other actors involved in decentralization through more power (money), this will have negative consequences.

Stakers do not compete with each other and can keep a stake in the network forever. In other words, they can participate in decentralization forever and no one can put them out of business. While PoW mining naturally tends towards centralization, staking tends towards greater decentralization. As written above, consensus and decision-making power can be bought with money. In theory, all networks can be controlled by one entity.

Energy is an expensive resource that is easy to attack. The state can impose a tax on energy that is used for extraction, and this is basically just attacking the extractors through the law. This attack vector does not exist with PoS networks because the resource is digital.

PoS project coins can be owned by anyone in the world without restrictions. You just need to have an internet connection. The cost of electricity varies in different parts of the world, so extraction will always be centralized in some areas and almost impossible in others. A single state can account for tens of percent of the total hash rate.

Another interesting difference is the fact that while PoW miners are primarily entrepreneurs who want to make a profit, stakers are the owners of the network. The interests of the network and the stakers are aligned and it can be assumed that ADA holders want the best for Cardano. For PoW miners, this may also be true, but the mental connection may not be as strong. Miners plan the business for a certain period and then may leave to do something else.

This is particularly important from a governance perspective, as the interests of BTC holders may be different from those of miners. If something important was voted on, for example, tail emission (endless inflation of BTC coins to solve the security budget), most BTC holders might be against the introduction of this feature, but it could be economically beneficial for miners. How to assess this in terms of decentralization?

Which network in the top 10 is the most decentralized?

Let's start with Bitcoin. At the time of writing, Pool Foundry USA has a 33% share of block production, and AntPool has a 29% share. If an attack on just 2 pools succeeds, block production slows down immediately. If the pool operators agree on an internal quick attack, they have a chance to succeed. Miners may not respond to an attack in time, or they may participate in it.

It is important to note that the security of a decentralized network cannot be based on the assumption that actors are economically motivated to behave honestly. This could be assumed even in the case of a single actor. Decentralization is about making this attack (hopefully) impossible through a maximally high number of actors and the assumption that they are unable to agree among themselves to attack.

The big resource holders can be attacked because they are centers of power (and also strong centers of governance). Who owns a large share of the hash rate? The 12 publicly listed mining companies account for roughly 20% of the total hash rate. Other large miners usually have a few percent shares of the total hash rate. It is important to know that the share of the largest players is growing. The current largest miner is Riot Blockchain which has almost 90,000 ASIC miners. Riot and Marathon are dominant among the largest miners and their position is growing every year. If we wanted to roughly calculate how many miners would have to work together to have more than a 50% share of the total hash rate, it would be several tens, maybe hundreds.

Let us add that if miners are publicly listed companies, they must comply with the requirements of regulators and laws. This is not good news for attacks like transaction censorship or blacklisting of users. PoS holders do not need to register anywhere and might stay anonymous. Anonymity increases resistance to attacks.

To disrupt Bitcoin, it is only needed to attack 2 pools. A significant share of the resource (hash rate) is held by dozens (maybe a few hundred) entities, some of which are publicly listed companies.

We did not pay much attention to the Ethereum project in the article, but we have to mention it. Ethereum is decentralized through validators. The number of them is growing steadily after the transition to PoS and is approaching 600,000. More important is the number of clients (multiple validators can run on a single client), which is almost 8000.

One entity can run more clients and it is currently happening. The reason is that running a validator is technologically challenging for ordinary people and most of them prefer to stake ETH through third parties. From a decentralization perspective, who holds the expensive resource is important. Currently, LIDO has a 31% share, Coinbase 12%, and Kraken 7%. The group OTHERS is 25%. The quality of Ethereum decentralization is growing. LIDO's share is basically unchanged over a longer period of time and the share of centralized exchanges is gradually decreasing.

The Minimum Attack Vector (MAV) looks at how many entities can have significant control over the network (51% attack attempt, it is not always required to hold more than 50% of the resource to significantly disrupt the network, a smaller amount may be sufficient). We have stated that for Bitcoin above. If we wanted to calculate the MAV of Ethereum, it would be similar to Bitcoin, so a few tens.

As for attacking nodes in the Cardano network, it would require disrupting roughly 27 pools for the attacker to gain a majority advantage. The attack on the source, i.e. the coins, is relatively difficult to calculate. One can attack centralized exchanges. The largest exchange, Binance, used to have more than a 10% stake, but its importance is declining and it currently has only an 8.5% stake.

There are currently 23.8B ADA coins staked. Half are roughly 12B. How many people together hold that many coins? If we look at the rich list, we find that there are roughly 100 people holding 50-100M ADA, 262 people holding 10-50M ADA, and 168 people holding 5-10M ADA. Let's say an attacker would have to find several hundred people holding the largest number of ADA.

We have the numbers, but it should be noted that in terms of attacks, it is much easier to find large miners (or generally large energy consumers and large mining halls) than coin holders. In the context of the quality of decentralization (and security), it is important to consider this.

Cardano is roughly 10x more decentralized than Bitcoin at the block producer level and roughly the same at the large resource holder level. In the case of Ethereum, the result is likely to be very similar. Ethereum is probably slightly more decentralized than Bitcoin. To know the exact difference, we would need to find out more precise information regarding the validator operators.

What is important is the long-term trend. While Bitcoin decentralization is declining mainly due to the emergence of pools and the centralization of mining around large miners, PoS network coins are gradually becoming more distributed. As whales sell coins, the decentralization of PoS networks grows. People leave exchanges and stake coins from their own wallets (or delegate ADA and ETH from their own wallets). The decentralization of both PoS networks has increased slightly over the last six months.

Conclusion

As you can see, measuring decentralization is very difficult. It is necessary to do a very precise analysis and get relevant data about the number of significant nodes in the network and the holders of the expensive resource. However, numbers alone are not sufficient for comparison. A wide range of possible external and internal attacks on decentralization must be considered and the risks carefully weighed. Most people focus only on block production, but governance is also important. It doesn't stop there, however, and decentralization can be considered at other levels. One can consider decentralization at the level of client diversity, coin distribution, cloud services usage, and a few other things. In the case of PoW networks, decentralization at the ASIC producer level must also be considered. This article provides only a basic insight into the topic. As you may have noticed, there are a large number of details and nuances to consider.

Decentralization is not a static figure and will constantly change over time. Sometimes quite fundamentally. Taking care of decentralization is very similar to trying to maintain democracy. All citizens would like to live in a democratic state, but politicians try to usurp as much power as possible. It will be the same with decentralization. It will not be at all easy to keep it high in the long term. That is why it is important to have accurate information about it from an independent author. The Edinburgh Decentralisation Index will change the blockchain industry as users will have clarity on which network is the most decentralized.

We expect Cardano to do well in EDI, but we can't predict the results in advance. We are curious to see what aspects the team evaluating decentralization will consider and what data it will provide to the public to do so.

Featured:

Related articles

Did you enjoy this article? Other great articles by the same author